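#!/bin/bash
# suid-check: hash every setuid/setgid regular file on the system and compare
# the result against a stored baseline, so that a new, removed or modified
# privileged binary is noticed.
#
# /root/bin or /usr/local/bin would be a good place for this script.
# Probably need to run this as root, otherwise many errors will show up about
# permission problems with reading these files.
#
# Usage: suid-check [interactive]
#   (no argument)  cron mode: on any change, mail the diff to NOTIFY_EMAIL
#   interactive    show the diff and offer to accept it as the new baseline
#
# Environment (all optional, defaults match the original hard-coded values):
#   NOTIFY_EMAIL   recipient of cron-mode alerts
#   SUID_BASELINE  baseline file (default /etc/suid.md5)
#   HASH_CMD       hashing tool (default md5sum). Switching to e.g. sha256sum
#                  requires regenerating the baseline with that same tool.
#
# Exit status: 0 no change (or change accepted interactively),
#              1 change detected and not accepted,
#              2 usage or setup error.
set -euo pipefail

readonly NOTIFY_EMAIL=${NOTIFY_EMAIL:-user@station.example.com}
readonly BASELINE=${SUID_BASELINE:-/etc/suid.md5}
readonly HASH_CMD=${HASH_CMD:-md5sum}
readonly NEW_LIST="${BASELINE}.new"
readonly MODE=${1-}

# Print a message to stderr and exit with the "setup error" status.
die() { printf '%s\n' "$*" >&2; exit 2; }

if [[ -n "$MODE" && "$MODE" != "interactive" ]]; then
  die "usage: ${0##*/} [interactive]"
fi

# Assume that we already have a baseline to compare the new list to; without
# one, every run would look like a change, so refuse rather than alert.
if [[ ! -f "$BASELINE" ]]; then
  die "no baseline at $BASELINE; generate one with '$HASH_CMD' before running checks"
fi
command -v "$HASH_CMD" >/dev/null || die "hash tool not found: $HASH_CMD"

# Per-run scratch file with an unpredictable name. The original wrote the
# diff to a fixed path under /tmp, which a root-run script must not do
# (symlink / clobber hazard); the trap removes it on every exit path.
DIFF_OUT=$(mktemp) || die "mktemp failed"
cleanup() { rm -f -- "$DIFF_OUT"; }
trap cleanup EXIT

# Hash every regular file with the setuid or setgid bit set. GNU find's
# '-perm /6000' replaces the long-deprecated '+6000' spelling (BSD find still
# uses '+'). /proc and /sys are pruned: they hold no real executables and
# their entries vanish mid-walk, which made find report spurious errors.
# find's own status is reported but not fatal, so a single unreadable
# directory does not abort the whole check.
find / \( -path /proc -o -path /sys \) -prune -o \
  -type f -perm /6000 -exec "$HASH_CMD" -- {} + >"$NEW_LIST" \
  || printf 'warning: find reported errors; the SUID list may be incomplete\n' >&2

# Compare order-independently so a different traversal order alone does not
# register as a change; sort byte-wise for a reproducible diff.
if diff <(LC_ALL=C sort -- "$BASELINE") <(LC_ALL=C sort -- "$NEW_LIST") >"$DIFF_OUT" 2>&1; then
  echo "No SUIDs have changed"
  exit 0
fi

if [[ "$MODE" == "interactive" ]]; then
  cat -- "$DIFF_OUT"
  echo "Check FAILED! SUID executable(s) have changed!"
  response=""
  # -r keeps backslashes literal; EOF on stdin counts as "no".
  read -r -p "Is this okay? (yes/no) " response || true
  if [[ "$response" == "yes" ]]; then
    mv -- "$NEW_LIST" "$BASELINE"
    exit 0
  fi
  exit 1
fi

# Cron mode: include the actual diff in the alert so the recipient can see
# which binaries changed without logging in first.
command -v mail >/dev/null || die "mail not found; cannot deliver alert to $NOTIFY_EMAIL"
{
  echo "Check FAILED! SUID executable(s) have changed!"
  echo
  cat -- "$DIFF_OUT"
} | mail -s "SUID Change" "$NOTIFY_EMAIL"
exit 1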